2. Perform an Experiment

Quantify the effectiveness of a hacking exploit by designing an experiment collecting data on its effectiveness.

Example:Recall researchers recently used the CADO-NFS numberfield sieve implementation to crack the RSA key used by the ransomware Bitcrypt. Run an experiment on the effectiveness of NFS software in a cloud computing setting, for example, by using the factoring as a service framework.

3. Do an Implementation

Implement a previously proposed vulnerability or countermeasure in software, or improve an existing one.

Example:A recent source code review of Norway’s remote voting system outlined several potential vulnerabilities. Implement one of the exploits described and test it on the (actual, or simplified/simulated) source code.

4. Design a Solution

Propose a new countermeasure to a known vulnerability.

Example:The Bitcoin client stores your account information in a “wallet file” on your hard drive. This file contains the signing keys necessary to transfer funds associated with your accounts. A hacker that can gain access to this file, therefore, could spend your money. Devise and outline a new method for protecting Bitcoin wallets.